package com.qt.configure;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class MyWebSecurityConfig extends WebSecurityConfigurerAdapter {
    //配置安全拦截策略
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable() //关闭csrg跨域检查
                    .authorizeRequests()
                    .antMatchers("/mobile/**").hasAuthority("mobile") //配置资源
                    .antMatchers("/salary/**").hasAuthority("salary")
//                    .antMatchers("/common/**").permitAll()
                    .anyRequest().authenticated() //其他请求需要登录
                    .and() //并行条件
        .formLogin();
    }
}
